MS Security Bulletin Summary - May 2013
FYI...
- https://technet.microsoft.com/en-us/...letin/ms13-may
May 14, 2013 - "This bulletin summary lists security bulletins released for May 2013...
(Total of -10-)
Microsoft Security Bulletin MS13-037 - Critical
Cumulative Security Update for Internet Explorer (2829530)
- https://technet.microsoft.com/en-us/...letin/ms13-037
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
Microsoft Security Bulletin MS13-038 - Critical
Security Update for Internet Explorer (2847204)
- https://technet.microsoft.com/en-us/...letin/ms13-038
Critical - Remote Code Execution - May require restart - Microsoft Windows, Internet Explorer
Microsoft Security Bulletin MS13-039 - Important
Vulnerability in HTTP.sys Could Allow Denial of Service (2829254)
- https://technet.microsoft.com/en-us/...letin/ms13-039
Important - Denial of Service - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-040 - Important
Vulnerabilities in .NET Framework Could Allow Spoofing (2836440)
- http://technet.microsoft.com/en-us/s...letin/ms13-040
Important - Spoofing - May require restart - Microsoft Windows, Microsoft .NET Framework
Microsoft Security Bulletin MS13-041 - Important
Vulnerability in Lync Could Allow Remote Code Execution (2834695)
- https://technet.microsoft.com/en-us/...letin/ms13-041
Important - Remote Code Execution - May require restart - Microsoft Lync
Microsoft Security Bulletin MS13-042 - Important
Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2830397)
- https://technet.microsoft.com/en-us/...letin/ms13-042
Important - Remote Code Execution - May require restart - Microsoft Office
Microsoft Security Bulletin MS13-043 - Important
Vulnerability in Microsoft Word Could Allow Remote Code Execution (2830399)
- https://technet.microsoft.com/en-us/...letin/ms13-043
Important - Remote Code Execution - May require restart - Microsoft Office
Microsoft Security Bulletin MS13-044 - Important
Vulnerability in Microsoft Visio Could Allow Information Disclosure (2834692)
- https://technet.microsoft.com/en-ca/...letin/ms13-044
Important - Information Disclosure - May require restart - Microsoft Office
Microsoft Security Bulletin MS13-045 - Important
Vulnerability in Windows Essentials Could Allow Information Disclosure (2813707)
- https://technet.microsoft.com/en-us/...letin/ms13-045
Important - Information Disclosure - May require restart - Microsoft Windows Essentials
Microsoft Security Bulletin MS13-046 - Important
Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2840221)
- https://technet.microsoft.com/en-us/...letin/ms13-046
Important - Elevation of Privilege - Requires restart - Microsoft Windows
___
- http://blogs.technet.com/b/msrc/arch...edirected=true
"... 10 bulletins, addressing 33 vulnerabilities in Microsoft products..."
Bulletin Deployment Priority
> https://blogs.technet.com/cfs-filesy...t-Priority.png
Severity and Exploitability Index
> https://blogs.technet.com/cfs-filesy...lity-Index.png
MS13-037 addressing Pwn2own vulnerabilities
- https://blogs.technet.com/b/srd/arch...edirected=true
14 May 2013
___
May 2013 Security Bulletin Webcast Q&A
- https://blogs.technet.com/b/msrc/p/m...edirected=true
May 15, 2013
___
ISC Analysis
- https://isc.sans.edu/diary.html?storyid=15791
Last Updated: 2013-05-14 17:52:27 UTC
___
- https://secunia.com/advisories/53327/ - MS13-037
- https://secunia.com/advisories/53314/ - MS13-038 - IE 8
- https://secunia.com/advisories/53340/ - MS13-039
- https://secunia.com/advisories/53350/ - MS13-040
- https://secunia.com/advisories/53363/ - MS13-041
- https://secunia.com/advisories/53370/ - MS13-042
- https://secunia.com/advisories/53379/ - MS13-043
- https://secunia.com/advisories/53380/ - MS13-044
- https://secunia.com/advisories/53383/ - MS13-045
- https://secunia.com/advisories/53385/ - MS13-046
___
MSRT
- https://support.microsoft.com/?kbid=890830
Last Review: May 14, 2013 - Revision: 122.0
- https://blogs.technet.com/b/mmpc/arc...edirected=true
14 May 2013 - "... added three new families to this month’s Malicious Software Removal Tool (MSRT): Win32/FakeDef, Win32/Vicenor, and Win32/Kexqoud..."
(More detail and Screenshots at the URL above.)
Download:
- https://www.microsoft.com/en-us/down...l-details.aspx
File Name: Windows-KB890830-V4.20.exe - 19.3 MB
Windows Malicious Software Removal Tool x64:
File Name: Windows-KB890830-x64-V4.20.exe - 20.0 MB
___
- https://krebsonsecurity.com/2013/05/...ity-updates-2/
"<soapbox>On a side note..Dear Microsoft: Please stop asking people to install Silverlight every time they visit a Microsoft.com property. I realize that Silverlight is a Microsoft product, but it really is not needed to view information about security updates. In keeping with the principle of reducing the attack surface of an operating system, you should not be foisting additional software on visitors who are coming to you for information on how to fix bugs and vulnerabilities in Microsoft products that they already have installed. </soapbox>"
> https://krebsonsecurity.com/wp-conte...ilverlight.png
.
Microsoft Security Advisories 2013.05.14 ...
FYI...
Microsoft Security Advisory (2847140)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
- http://technet.microsoft.com/en-us/s...visory/2847140
Updated: Tuesday, May 14, 2013 Version: 2.0 - "... We have issued MS13-038* to address this issue..."
* https://technet.microsoft.com/en-us/...letin/ms13-038
Microsoft Security Advisory (2820197)
Update Rollup for ActiveX Kill Bits
- http://technet.microsoft.com/en-us/s...visory/2820197
May 14, 2013 - "... This update includes kill bits to prevent the following ActiveX controls from being run in Internet Explorer:
• Honeywell Enterprise Buildings Integrator. The following Class Identifier relates to a request by Honeywell to set a kill bit for an ActiveX control that is vulnerable. The class identifier (CLSIDs) for this ActiveX control is:
{0d080d7d-28d2-4f86-bfa1-d582e5ce4867}
• SymmetrE and ComfortPoint Open Manager. The following Class Identifier relates to a request by Honeywell to set a kill bit for an ActiveX control that is vulnerable. The class identifier (CLSIDs) for this ActiveX control is:
{29e9b436-dfac-42f9-b209-bd37bafe9317} ..."
Microsoft Security Advisory (2846338)
Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution
- http://technet.microsoft.com/en-us/s...visory/2846338
May 14, 2013 - "... Only x64-based versions of the Malware Protection Engine are affected... The Microsoft Malware Protection Engine is a part of several Microsoft antimalware products. See the Affected Software section for a list of affected products..."
Microsoft Security Advisory (2755801)
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10
- http://technet.microsoft.com/en-us/s...visory/2755801
Updated: Tuesday, May 14, 2013 - "... update addresses the vulnerabilities described in Adobe Security bulletin APSB13-14*..."
* https://www.adobe.com/support/securi...apsb13-14.html
"... Flash Player 11.7.700.202 for Windows 8..."
:fear::fear::fear::fear:
MS Security Bulletin Summary - June 2013
FYI...
- https://technet.microsoft.com/en-us/...letin/ms13-jun
June 11, 2013 - "This bulletin summary lists security bulletins released for June 2013...
(Total of -5-)
Microsoft Security Bulletin MS13-047 - Critical
Cumulative Security Update for Internet Explorer (2838727)
- https://technet.microsoft.com/en-us/...letin/ms13-047
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
Microsoft Security Bulletin MS13-048 - Important
Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229)
- https://technet.microsoft.com/en-us/...letin/ms13-048
Important - Information Disclosure - Requires restart - Microsoft Windows
- https://support.microsoft.com/kb/2839229
Last Review: June 15, 2013 - Revision: 4.1 - "... MS13-048... Known issues with this security update:
Customers who use non-updated versions of certain Kingsoft software products may experience issues installing this security update. In some cases, systems may not successfully restart after security update 2839229 is applied, and customers may encounter a blue or blank screen. We are aware that Kingsoft antivirus and browser product components (kisknl.sys, knbdrv.sys, and dgsafe.sys) may be affected. We recommend that customers update their Kingsoft software to the latest versions -before- security update 2839229 is applied..."
Microsoft Security Bulletin MS13-049 - Important
Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (2845690)
- https://technet.microsoft.com/en-us/...letin/ms13-049
Important - Denial of Service - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-050 - Important
Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege
- https://technet.microsoft.com/en-us/...letin/ms13-050
Important - Elevation of privilege - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-051 - Important
Vulnerability in Microsoft Office Could Allow Remote Code Execution (2839571)
- https://technet.microsoft.com/en-us/...letin/ms13-051
Important - Remote Code Execution - May require restart - Microsoft Office
___
- http://blogs.technet.com/b/srd/archi...edirected=true
11 Jun 2013 - "MS13-051... We have seen this vulnerability exploited in targeted 0day attacks in the wild..."
- https://krebsonsecurity.com/2013/06/...flash-windows/
11 Jun 2013 - "... five updates address 23 vulnerabilities in Windows, Internet Explorer, and Office..."
- http://blogs.technet.com/b/msrc/arch...edirected=true
Bulletin Deployment Priority
- https://blogs.technet.com/cfs-filesy...3-DP-Slide.PNG
Severity and Exploitability Index
- https://blogs.technet.com/cfs-filesy...d-Severity.PNG
___
- https://secunia.com/advisories/53728/ - MS13-047
- https://secunia.com/advisories/53739/ - MS13-048
- https://secunia.com/advisories/53741/ - MS13-049
- https://secunia.com/advisories/53742/ - MS13-050
- https://secunia.com/advisories/53747/ - MS13-051
___
ISC Analysis
- https://isc.sans.edu/diary.html?storyid=15977
Last Updated: 2013-06-11 17:10:35 UTC
___
MSRT
- https://support.microsoft.com/?kbid=890830
June 11, 2013 - Revision: 123.0
- http://www.microsoft.com/security/pc...-families.aspx
"... added in this release...
• Tupym..."
Download:
- https://www.microsoft.com/en-us/down...l-details.aspx
Windows-KB890830-V5.1.exe - 19.1 MB
... Change systems:
Windows Malicious Software Removal Tool x64:
Windows-KB890830-x64-V5.1.exe - 19.9 MB
.
MS Security Advisories - 2013.06.11
FYI...
Microsoft Security Advisory (2854544)
Update to Improve Cryptography and Digital Certificate Handling in Windows
- http://technet.microsoft.com/en-us/s...visory/2854544
June 11, 2013 - "... Microsoft released an update (2813430) for all supported editions of Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, and Windows RT..."
* http://support.microsoft.com/kb/2813430
Microsoft Security Advisory (2755801)
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10
- http://technet.microsoft.com/en-us/s...visory/2755801
June 11, 2013 - Version: 13.0
:fear::fear:
MS13-029 re-released for XPSP3 ...
FYI...
MS13-029 re-released for XPSP3 ...
Microsoft Security Bulletin MS13-029 - Critical
- https://technet.microsoft.com/en-us/...letin/ms13-029
... Update FAQ: Why was this bulletin revised on June 25, 2013?
Microsoft revised this bulletin to rerelease the 2813347 update for Remote Desktop Connection 7.0 Client on Windows XP Service Pack 3. The rereleased update addresses an issue with the original update that caused the update to be incorrectly reoffered to systems running in specific configurations. Microsoft recommends that customers running the affected software apply the rereleased security update immediately...
V2.0 (June 25, 2013): Revised bulletin to rerelease the 2813347 update for Remote Desktop Connection 7.0 Client on Windows XP Service Pack 3. Microsoft recommends that customers running the affected software apply the rereleased security update immediately...
- https://support.microsoft.com/kb/2828223
Last Review: June 25, 2013 - Revision: 2.0
:fear::fear:
MS Security Bulletin Summary - July 2013
FYI...
- https://technet.microsoft.com/en-us/...letin/ms13-jul
July 09, 2013 - "This bulletin summary lists security bulletins released for July 2013...
(Total of -7-)
Microsoft Security Bulletin MS13-052 - Critical
Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution (2861561)
- https://technet.microsoft.com/en-us/...letin/ms13-052
Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft .NET Framework, Microsoft Silverlight
Microsoft Security Bulletin MS13-053 - Critical
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2850851)
- https://technet.microsoft.com/en-us/...letin/ms13-053
Critical - Remote Code Execution - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-054 - Critical
Vulnerability in GDI+ Could Allow Remote Code Execution (2848295)
- https://technet.microsoft.com/en-us/...letin/ms13-054
Critical - Remote Code Execution - May require restart - Microsoft Windows, Microsoft Office, Microsoft Visual Studio, Microsoft Lync
Microsoft Security Bulletin MS13-055 - Critical
Cumulative Security Update for Internet Explorer (2846071)
- https://technet.microsoft.com/en-us/...letin/ms13-055
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
V1.1 (July 9, 2013): Bulletin revised to announce that Microsoft is aware of targeted attacks attempting to exploit the vulnerability described in CVE-2013-3163 through Internet Explorer 8. Applying this security update protects customers from exploitation of this vulnerability.
- https://atlas.arbor.net/briefs/index#31300424
High Severity
July 11, 2013
A 0day Internet Explorer exploit has been used in one or more targeted attack campaigns. Microsoft is aware of the issue but patching has yet to take place, leaving a window of vulnerability now that the issue is more well known.
Analysis: It is impossible to avoid all 0day attacks because by their very nature, few will know of the vulnerability. It's not secret that nation-states, security contractors and intelligence agencies have access to many vulnerabilities that are developed in-house or are part of covert markets. Despite this persistent problem with an unknown attack surface, reduction of attack surface is key, along with robust monitoring of resources of value for indicators of compromise. On the host side, Microsofts EMET technology stymies this particular exploit, although in general EMET can be evaded. Despite it's weaknesses, EMET is an extra layer of defense and it's low deployment likely means that some attackers will be less likely to attempt to bypass it's defenses. In the meanwhile, indicators from this particular attack can be useful to help determine if your organization has been targeted.
Source: http://blogs.technet.com/b/srd/archi...r-so-long.aspx
10 Jul 2013 - "... addressed by yesterday’s Microsoft Security Bulletin MS13-055. If you have not yet updated, please do so at the earliest possible..."
Microsoft Security Bulletin MS13-056 - Critical
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2845187)
- https://technet.microsoft.com/en-us/...letin/ms13-056
Critical - Remote Code Execution - May require restart - Microsoft Windows
Microsoft Security Bulletin MS13-057 - Critical
Vulnerability in Windows Media Format Runtime Could Allow Remote Code Execution (2847883)
- https://technet.microsoft.com/en-us/...letin/ms13-057
Critical - Remote Code Execution - May require restart - Microsoft Windows
Microsoft Security Bulletin MS13-058 - Important
Vulnerability in Windows Defender Could Allow Elevation of Privilege (2847927)
- https://technet.microsoft.com/en-us/...letin/ms13-058
Important - Elevation of Privilege - Does not require restart - Microsoft Security Software
___
- http://blogs.technet.com/b/msrc/arch...edirected=true
9 Jul 2013
Bulletin Deployment Priority
- https://blogs.technet.com/cfs-filesy...ly-2013-DP.png
Severity and Exploitability Index
- https://blogs.technet.com/cfs-filesy...3-Severity.png
___
- https://secunia.com/advisories/54025/ - MS13-052
- https://secunia.com/advisories/53435/ - MS13-053
- https://secunia.com/advisories/54057/ - MS13-054
- https://secunia.com/advisories/54060/ - MS13-055
- https://secunia.com/advisories/54061/ - MS13-056
- https://secunia.com/advisories/54062/ - MS13-057
- https://secunia.com/advisories/54063/ - MS13-058
___
ISC Analysis
- https://isc.sans.edu/diary.html?storyid=16126
Last Updated: 2013-07-09 18:22:06 UTC... (Version: 2)
- https://atlas.arbor.net/briefs/index#-271320476
Extreme Severity
July 11, 2013 21:27
Microsoft and Adobe release critical updates. There are apparently two in-the-wild exploits for Microsoft vulnerabilities that are patched herein, so quick deployment is important.
Analysis: One of the Microsoft security holes was disclosed to the public via sharing of exploit code. This has unsurprisingly resulted in the vulnerability being exploited in the wild. There is additional evidence to suggest another one of the vulnerabilities is also being exploited, and details are emergent. No known attacks are taking advantage of the security holes patched by Adobe, however it is always likely that resourceful attackers have known of at least some of these vulnerabilities and have used them in targeted attacks.
Source: https://krebsonsecurity.com/2013/07/...tical-updates/
___
July 2013 Office Update Release
- https://blogs.technet.com/b/office_s...edirected=true
9 Jul 2013
___
- https://www.computerworld.com/s/arti...rosoft_Windows
July 9, 2013 - "... 17 of the 34 vulnerabilities covered in the bulletins address IE..."
- http://www.securitytracker.com/id/1028745
CVE Reference: CVE-2013-3115, CVE-2013-3143, CVE-2013-3144, CVE-2013-3145, CVE-2013-3146, CVE-2013-3147, CVE-2013-3148, CVE-2013-3149, CVE-2013-3150, CVE-2013-3151, CVE-2013-3152, CVE-2013-3153, CVE-2013-3161, CVE-2013-3162, CVE-2013-3163, CVE-2013-3164, CVE-2013-3166
Jul 9 2013
Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 6, 7, 8, 9, 10 ...
Microsoft Security Advisory (2755801)
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
- http://technet.microsoft.com/en-us/s...visory/2755801
V14.0 (July 9, 2013): Added the 2857645 update to the Current Update section.
Current Update: On July 9, 2013, Microsoft released an update (2857645) for all supported editions of Windows 8, Windows Server 2012, and Windows RT. The update addresses the vulnerabilities described in Adobe Security bulletin APSB13-17*. For more information about this update, including download links, see Microsoft Knowledge Base Article 2857645**. Note: The update for Windows RT is available via Windows Update only. The 2857645 update is also available for Internet Explorer 11 Preview in Windows 8.1 Preview and Windows 8.1 RT Preview releases. The update is available via Windows Update.
* http://www.adobe.com/support/securit...apsb13-17.html
CVE-2013-3344, CVE-2013-3345, CVE-2013-3347
Flash Player in Internet Explorer 10
** http://support.microsoft.com/kb/2857645
July 9, 2013
___
MSRT
- https://support.microsoft.com/?kbid=890830
Last Review: July 9, 2013 - Revision: 124.0
- http://www.microsoft.com/security/pc...-families.aspx
"... list includes every major virus and worm family the tool provides detection and cleaning capabilities for since its initial release on January 11, 2005..."
Download:
- https://www.microsoft.com/en-us/down...l-details.aspx
Windows-KB890830-V5.2.exe
Windows Malicious Software Removal Tool x64:
Windows-KB890830-x64-V5.2.exe
.
Problems with MS13-057 ...
FYI...
Problems with MS13-057...
Half your video missing in Windows Movie Maker?[1] MS13-057 to blame.
- http://blog.dynamoo.com/2013/07/half...n-windows.html
16 July 2013 - "... I am not alone.. an InfoWorld post* also indicates that there are problems with Adobe Premiere Pro, Techsmith Camtasia Studio, Serif MoviePlus X6 plus some games due to the MS13-057 update pushed out a week ago. If you are experiencing critical problems with missing video, then the only thing to do seems to be to uninstall the Windows Media Player patch listed as KB2803821 or KB2834904. If this isn't causing a problem then you may as well keep the patch in place to protect your system. I would expect another patch to be re-issued soon."
* https://www.infoworld.com/t/microsof...2834904-222636
July 12, 2013
1) https://lh3.ggpht.com/-k5l-sYmfu54/U...Q/s400/wmm.jpg
___
- https://isc.sans.edu/diary.html?storyid=16168
Last Updated: 2013-07-15 21:34:45 UTC
___
MS13-057: Description of the security update for Windows Media Format Runtime 9 and 9.5 (wmvdmod.dll), and for Windows Media Player 11 and 12
- http://support.microsoft.com/default...;en-us;2803821
Last Review: August 13, 2013 - Revision: 8.0 - "... If you use Adobe Premier Pro CS6, Camtasia Studio 8.1, or Serif MoviePlus X6, you may experience issues after installing 2803821. In some cases, WMV video files may fail to successfully encode or decode. Upon completion of the investigation, Microsoft will take appropriate action to help protect our customers. This may include providing mitigations and workarounds or re-releasing this security update."
___
3 more botched Windows patches: KB 2803821, KB 2840628, and KB 2821895
Two Black Tuesday patches -- MS 13-052 and MS 13-057 -- and last month's nonsecurity patch KB 2821895 cause a variety of problems
- https://www.infoworld.com/t/microsof...2821895-222807
July 16, 2013
MS13-052: https://support.microsoft.com/kb/2861561
Last Review: July 11, 2013 - Revision: 2.0
MS13-057: https://support.microsoft.com/kb/2847883
Last Review: July 17, 2013 - Revision: 4.0
KB 2821895: https://support.microsoft.com/kb/2821895
Last Review: June 20, 2013 - Revision: 5.0
:fear: :sad:
MS Security Bulletin Summary - August 2013
FYI...
- https://technet.microsoft.com/en-us/...letin/ms13-aug
August 13, 2013 - "This bulletin summary lists security bulletins released for August 2013...
(Total of -8-)
Microsoft Security Bulletin MS13-059 - Critical
Cumulative Security Update for Internet Explorer (2862772)
- https://technet.microsoft.com/en-us/...letin/ms13-059
Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer
Microsoft Security Bulletin MS13-060 - Critical
Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (2850869)
- https://technet.microsoft.com/en-us/...letin/ms13-060
Critical - Remote Code Execution - May require restart - Microsoft Windows
Microsoft Security Bulletin MS13-061 - Critical
Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2876063)
- https://technet.microsoft.com/en-us/...letin/ms13-061
Critical - Remote Code Execution - May require restart - Microsoft Server Software
Microsoft Security Bulletin MS13-062 - Important
Vulnerability in Remote Procedure Call Could Allow Elevation of Privilege (2849470)
- https://technet.microsoft.com/en-us/...letin/ms13-062
Important - Elevation of Privilege - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-063 - Important
Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2859537)
- https://technet.microsoft.com/en-us/...letin/ms13-063
Important - Elevation of Privilege - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-064 - Important
Vulnerability in Windows NAT Driver Could Allow Denial of Service (2849568)
- https://technet.microsoft.com/en-us/...letin/ms13-064
Important - Denial of Service - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-065 - Important
Vulnerability in ICMPv6 could allow Denial of Service (2868623)
- https://technet.microsoft.com/en-us/...letin/ms13-065
Important - Denial of Service - Requires restart - Microsoft Windows
Microsoft Security Bulletin MS13-066 - Important
Vulnerability in Active Directory Federation Services Could Allow Information Disclosure
- https://technet.microsoft.com/en-us/...letin/ms13-066
Important - Information Disclosure - May require restart - Microsoft Windows
___
MS13-052: Vulnerabilities in .NET Framework and Silverlight could allow remote code execution
- https://support.microsoft.com/kb/2861561
August 13, 2013 This security update has been re-released and contains some updated articles. We recommend that you apply this updated security update.
Last Review: August 13, 2013 - Revision: 5.0
- https://technet.microsoft.com/en-us/...letin/MS13-052
Updated: August 13, 2013
MS13-057: Description of the security update for Windows Media Format Runtime 9 and 9.5 (wmvdmod.dll), and for Windows Media Player 11 and 12
- http://support.microsoft.com/default...;en-us;2803821
"... issue resolved for Win7 and Win Svr 2008R2...
re-released version of security update 2803821 - August 13, 2013..."
Last Review: August 13, 2013 - Revision: 8.0
- https://technet.microsoft.com/en-us/...letin/MS13-057
Updated: August 13, 2013
___
- http://blogs.technet.com/b/msrc/arch...edirected=true
Bulletin Deployment Priority
- https://blogs.technet.com/cfs-filesy...3-DP-Slide.PNG
Severity and Exploitability Index
- https://blogs.technet.com/cfs-filesy...d-XI-Slide.PNG
___
ISC Analysis
- https://isc.sans.edu/diary.html?storyid=16358
Last Updated: 2013-08-13 17:28:40
- http://www.theinquirer.net/inquirer/...r-and-exchange
Aug 14 2013 - "... MS13-059 fixes 11 vulnerabilities in all versions of IE from IE6 to IE10... two patches for address space layout randomisation (ALSR) bypasses this month in MS13-059 for IE and MS13-063 in the Windows kernel..."
___
- https://secunia.com/advisories/53998/ - MS13-059
- https://secunia.com/advisories/54364/ - MS13-060
- https://secunia.com/advisories/54392/ - MS13-061
- https://secunia.com/advisories/54394/ - MS13-062
- https://secunia.com/advisories/54406/ - MS13-063
- https://secunia.com/advisories/54420/ - MS13-064
- https://secunia.com/advisories/54440/ - MS13-065
- https://secunia.com/advisories/54459/ - MS13-066
___
MSRT
- https://support.microsoft.com/?kbid=890830
August 13, 2013 - Revision: 125.0
- http://www.microsoft.com/security/pc...-families.aspx
"... list includes every major virus and worm family the tool provides detection and cleaning capabilities for since its initial release on January 11, 2005..."
Download:
- https://www.microsoft.com/en-us/down...l-details.aspx
Windows-KB890830-V5.3.exe
Windows Malicious Software Removal Tool x64:
Windows-KB890830-x64-V5.3.exe
.
MS Security Advisories - 8.13.2013 ...
FYI...
Microsoft Security Advisory (2861855)
Updates to Improve Remote Desktop Protocol Network-level Authentication
- http://technet.microsoft.com/en-us/s...visory/2861855
August 13, 2013
Microsoft Security Advisory (2862973)
Update for Deprecation of MD5 Hashing Algorithm for Microsoft Root Certificate Program
- http://technet.microsoft.com/en-us/s...visory/2862973
August 13, 2013
Microsoft Security Advisory (2854544)
Updates to Improve Cryptography and Digital Certificate Handling in Windows
- http://technet.microsoft.com/en-us/s...visory/2854544
Published: June 11, 2013 | Updated: August 13, 2013
Microsoft security advisories: RDP and MD5 deprecation in Microsoft root certificates
- https://isc.sans.edu/diary.html?storyid=16361
Last Updated: 2013-08-13 18:12:43
:fear::fear::fear: